package com.tulin.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.SecurityFilterChain;

// 没有配置对 再看看

@Configuration
@EnableWebSecurity
public class WebSecurityConfig_yuan {

    @Autowired
    private UserDetailsService userDetailsService;


    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
                .authorizeRequests(authorizeRequests ->authorizeRequests
                        //角色student或者teacher都可以访问/student/** 这样的url
                        .requestMatchers("/student/**").hasAnyRole("student","teacher") // 配置资源权限
                        // 角色teacher 可以访问teacher/**
                        .requestMatchers("/teacher/**").hasRole("teacher")
                        .requestMatchers("/admin/**").access("hasRole('teacher') or hasAuthority('admin:query')")               //角色teacher 或者权限admin:query 觉可以访问admin/**
                        .anyRequest().authenticated() // 其他请求需要登录

                ).userDetailsService(userDetailsService);


        return http.build();
    }

}
